Gaurav Ghimire wrote:
Just curious to know if we have something, some alerting system or mechanism
that provides the administrator with the daily reports that pf itself or some
other
tool collects on pf's behalf.
That probably reports the admin of:
~ Total connection counts matched on each rulesets.
~ Total number of counts matched on deny rules.
/etc/periodic/security/520.pfdenied
it should be enabled by default if you haven't done anything unnatural to
the /etc/periodic system
> ~ IP/Port attack logs and relatives.
only if you specify "log" in one or more of your pf rules, in which
case you will find it in /var/log/pflog, /var/log/pflog.?.bz2, and
/var/log/pf.{today,yesterday}
tom
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
